I have tested this on the server test rig, and it did not change
server side behaviour (in a way that breaks the defined tests).
I've also stared at the code a bit and tried to figure out what is
going on, and came across a slightly incomplete comment for
key_state_test_auth_control_file() which has escaped the dragon's
wrath - rewritten to match my understanding of the function.
Ditto for the comment in ssl_verify.h for tls_authentication_status(),
which was not updated to reflect the removal of TLS_AUTHENTICATION_UNDEFINED
(slightly moot as the "exponential" patch will remove that parameter
and the comment with it).
Your patch has been applied to the master branch.
commit 9a4305020777ce92d4143828b39027f43951ac32
Author: Arne Schwabe
Date: Thu May 6 16:12:59 2021 +0200
Return cached result in tls_authentication_status
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Antonio Quartulli <[email protected]>
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg22318.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
